Application security at the 100 largest banks; 97 vulnerable to web & mobile attacks
Monday, July 15, 2019
Over 80 percent of all squatted domains had at least one website related to Bitcoin or other cryptocurrencies. Brand misuse also happens on social networks, mostly on Facebook and Twitter.
Ilia Kolochenko, CEO and founder of ImmuniWeb, offered the following advice: "Most of the data breaches involve insecure web or mobile apps, the importance of which is frequently underestimated by the future victims. Recent BA’s £183 million fine for a website data breach clearly illustrates the point. Application security frequently suffers a lot. Eventually, these companies become a low-hanging fruit for pragmatic and profit-oriented cyber-criminals."
Recommendations from ImmuniWeb include:
1. Consider implementing Gartner’s CARTA strategy to enhance your cyber-security strategy.
2. Maintain a holistic and up-to-date inventory of assets located in your external attack surface, identify all software and its components used there, and run actionable security scoring on it to enable threat-aware and risk-based remediation.
3. Implement continuous security monitoring of your external attack surface, test your new code before and after deployment to production, and start implementing a DevSecOps approach to your application security.
4. Consider leveraging Machine Learning and AI capacities to handle time-consuming and routine processes, freeing up your security personnel for more important tasks.
Suggested reading: "4 Practical Questions to Ask Before Investing in AI".
ZDNet: Only three global banks given top website security score by ImmuniWeb
IT World Canada: Almost all of the world’s biggest banks vulnerable to web or mobile attacks: Vendor study